Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to open 2 ranges of ports in a 5510

I'm new to Cisco and am unsure that the posts I've seen answer my question, so I thought I'd ask it directly:

We have a ASA5510 version 7.0(8); our public ip is 216.220.232.224

How can I open TCP ports 3230 - 3243 and UDP ports 3230 - 3285 for 192.168.0.225 for anyone in the outside world?

Would it be something like this in the CLI?

access-list outside_access_in extended permit tcp any host 216.220.232.224 range 3230 3243
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside

access-list outside_access_in extended permit udp any host 216.220.232.224 range 3230 3285
static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions

Re: How to open 2 ranges of ports in a 5510

Also need to correct the syntax for the static:

static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255

Should be:

static (inside,outside) 216.220.232.224 192.168.0.225

Federico.

2 REPLIES

Re: How to open 2 ranges of ports in a 5510

Hi,

Exactly.

But you only need this:

access-list outside_access_in extended permit tcp any host 216.220.232.224 range 3230 3243

access-list outside_access_in extended permit udp any host 216.220.232.224 range 3230 3285

static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255
access-group outside_access_in in interface outside

Federico.

Re: How to open 2 ranges of ports in a 5510

Also need to correct the syntax for the static:

static (inside, outside) interface 192.168.0.225 216.220.232.224 netmask 255.255.255.255

Should be:

static (inside,outside) 216.220.232.224 192.168.0.225

Federico.

631
Views
0
Helpful
2
Replies